Programm 30C3

Vortrag: Virtually Impossible: The Reality Of Virtualization Security

Errata FTW

This talk will demonstrate why it is virtually impossible to secure virtual machines implementations properly. In the talk I will try to give an overview of the basics of hardware virtualization technology, the existing attack techniques against virtualization and also explain why it is such a complex problem to create a secure hypervisor. The talk will focus on the low level interfaces and how it affects all aspects of computer platform security. I will also try to review a few interesting Erratas at the end of the talk.

This talk will demonstrate why it is virtually impossible to secure virtual machines implementations properly. In the talk I will try to give an overview of the basics of hardware virtualization technology, the existing attack techniques against virtualization and also explain why it is such a complex problem to create a secure hypervisor. The talk will focus on the low level interfaces and how it affects all aspects of computer platform security. I will also try to review a few interesting Erratas at the end of the talk.

When you get out of this talk you I hope that you will reconsider your trust of virtualized cloud platforms and VMM implementations like XEN, KVM and VMWare as well as virtualization based sandboxing solutions.

Finally the talk will also cover virtualization attack vectors and interesting Erratas.

For those less familiar with some computer architecture details - don’t worry. During this talk I will provide a brief introduction to subjects required to understand the technical challenges presented.

additional details and materials might be found on my company website later (see included link)